To defend network system against the harm done by unauthorized access. basing on theory and conception of trusted computing and Role Based Access Control(RBAC) model，this paper proposes an access control model named Environment Role Based Access Control(ERBAC). This model correlates the role with system environment security. When an user′s environment is secure enough, the permissions corresponding to its roles are valid，and the user is allowed to access resources. An access control application instance is given to prove the effectiveness of the model and semantics.